US9871794B2ActiveUtilityA1
Domain name system and method of operating using restricted channels
Est. expiryDec 14, 2035(~9.4 yrs left)· nominal 20-yr term from priority
H04L 61/2007H04L 63/1433H04L 61/2061H04L 63/10H04L 63/1416H04L 61/1511H04L 63/1458H04L 61/5061H04L 61/5007H04L 61/4511H04L 63/0428
97
PatentIndex Score
88
Cited by
5
References
17
Claims
Abstract
A server system for a domain name system (DNS) which operates to concurrently provide both public-facing and restricted channels for receiving and handling Internet Protocol (IP) address requests from a population of computers. The server system implements an alternative DNS request handling process to provide a trusted computer entity with exclusive access to the restricted channels.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A method for operating a domain name system (DNS), the method being implemented by one or more processors and comprising:
providing a set of public-facing channels to receive and handle Internet Protocol (IP) address requests from a population of computers; and
implementing an alternative DNS request handling process by (i) establishing a set of restricted channels to receive and handle Internet Protocol (IP) address requests from a trusted computer entity, (ii) dynamically reallocating resources of the DNS to receive and handle IP address requests over the set of public-facing channels towards increasing a capacity of the DNS to receive and handle IP requests over the set of restricted channels, (iii) communicating configuration data to the trusted computer entity to enable the trusted computer entity to utilize one or more restricted channels of the restricted channel set, and (iv) receiving and handling IP address requests communicated by the trusted computer entity using the one or more restricted channels, while receiving and handling IP address requests from other computers of the population using the set of public-facing channels.
2. The method of claim 1 , wherein the configuration data identifies a network address of the one or more restricted channels.
3. The method of claim 1 , wherein the configuration data is provided as a data structure that is securely stored on the trusted computer entity.
4. The method of claim 1 , wherein the configuration data provides an encryption key for use by the trusted computer entity when communicating IP address requests using the one or more restricted channels.
5. The method of claim 1 , wherein the configuration data enables the trusted computer entity to create a persistent point-to-point connection with a server of the DNS using the one or more restricted channels.
6. The method of claim 1 , wherein the set of public channels and the set of restricted channels each include a set of network ports that are exclusively designated for the respective set of public or restricted channels.
7. The method of claim 1 , further comprising:
providing a virtual extension of a server of the DNS, the virtual extension providing access to the one or more restricted channels; and
wherein the configuration data enables the trusted computer entity to create a persistent point-to-point connection with the virtual extension.
8. The method of claim 7 , wherein the configuration data enables the trusted computer entity to execute an interface that implements the persistent point-to-point connection with the virtual extension.
9. The method of claim 1 , wherein the alternative DNS request handling process is implemented in response to detecting a denial of service (DOS) attack.
10. The method of claim 1 , wherein the trusted computer entity corresponds to an Internet Service Provider.
11. A server system for a domain name system (DNS), the server system comprising:
a memory to store a set of instructions; and
one or more processors that execute the set of instructions to:
provide a set of public-facing channels in the server system to receive and handle Internet Protocol (IP) address requests from a population of computers; and
implement an alternative DNS request handling process by (i) establishing a set of restricted channels in the server system to receive and handle Internet Protocol (IP) address requests from a trusted computer entity, (ii) dynamically reallocating resources of the server system to receive and handle the IP address requests over the set of public-facing channels towards increasing a capacity of the DNS to receive and handle IP requests over the set of restricted channels, (iii) communicating configuration data to the trusted computer entity to enable the trusted computer entity to utilize one or more restricted channels of the restricted channel set, and (iv) receiving and handling IP address requests communicated by the trusted computer entity using the one or more restricted channels, while receiving and handling IP address requests from other computers of the population using the set of public-facing channels.
12. The server system of claim 11 , wherein the configuration data identifies a network address of the one or more restricted channels.
13. The server system of claim 11 , wherein the configuration data is provided as a data structure that is securely stored on the trusted computer entity.
14. The server system of claim 11 , wherein the configuration data provides an encryption key for use by the trusted computer entity when communicating IP address requests using the one or more restricted channels.
15. The server system of claim 11 , wherein the configuration data enables the trusted computer entity to create a persistent point-to-point connection with a server of the server system using the one or more restricted channels.
16. The server system of claim 11 , wherein the set of public channels and the set of restricted channels each include a set of network ports that are exclusively designated for the respective set of public or restricted channels.
17. A non-transitory computer-readable medium to store instructions that, when executed by one or more processors of a server system for a domain name system (DNS), cause the server system to perform operations that include:
providing a set of public-facing channels in the server system to receive and handle Internet Protocol (IP) address requests from a population of computers; and
implementing an alternative DNS request handling process by (i) establishing a set of restricted channels in the server system to receive and handle Internet Protocol (IP) address requests from a trusted computer entity, (ii) dynamically reallocating resources of the server system to receive and handle IP address requests over the set of public-facing channels towards increasing a capacity of the DNS to receive and handle IP requests over the set of restricted channels, (iii) communicating configuration data to the trusted computer entity to enable the trusted computer entity to utilize one or more restricted channels of the restricted channel set, and (iv) receiving and handling IP address requests communicated by the trusted computer entity using the one or more restricted channels, while receiving and handling IP address requests from other computers of the population using the set of public-facing channels.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.